S.N. 10/721,504 
Art Unit: 2431 



IN THE CLAIMS 

This listing of the claims will replace all prior versions, and listings, of the claims in this 
application. 

1 . (Currently Amended) A method, comprising: 

for packets comprising binding update messages: 

generating validity information for a-the packets, wherein the validity information for 
a packet c omprises all necessary information required to perform a validity 
check of the packet, the validity information comprising algorithm information 
to be used to perforin the validity check of the packet and algorithm 
initialization information, the validity information further comprising public 
key information of a sending node comprising an address in a database of a 
server from which the public key of the sending node can be obtained, where 
no pre-established security association is needed to verify the packet: and 

generating a-packet headers, comprising the validity information; and 

for packets not comprising the binding update messages, generating a packet header 
without the validity information: and 

sending the-packets including the corresponding p acket heade ^headers from a first 
n e twork node to a seeend -receiving network node. 



2. (Previously Presented) The method according to claim 1, wherein the generating of 
the validity information comprises generating security information indicating security 
services applied to the packet. 
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3. (Cancelled) 

4. (Previously Presented) The method according to claim 1, wherein the generating of 
the algorithm information comprises generating the algorithm information which indicates an 
algorithm to be used to perform the validity check of the packet. 

5. -10. (Cancelled). 

1 1 . (Previously Presented) The method according to claim 1 , wherein the generating of 
the public key information comprises generating public key verification information 
indicating information in order to verify that the public key actually belongs to the sending 
node. 

1 2. (Previously Presented) The method according to claim 1, wherein the generating of 
the validity information comprises generating an information item to prevent replay attacks. 

13. (Previously Presented) The method according to claim 12, wherein the generating of 
the information item comprises including in the information item an indication of a procedure 
to be used for anti replay attacks. 

14. (Previously Presented) The method according to claim 12, wherein the generating of 
the information item comprises including in the information item a time stamp. 
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15. (Previously Presented) The method according to claim 1 , further comprising: 

signing the packet using a private key corresponding to the public key indicated by the 
validity information. 

16-17. (Cancelled) 

18. (Currently Amended) An apparatus, comprising: 

validity information generating means for generating validity information for a 
paeke tpackets comprising binding update messages, wherein the validity 
information for a packet comprises all necessary information required for 
performing a validity check of the packet and no pre-established security 
association is needed to verify the packet, and the validity information 
comprises algorithm information to be used to perform the validity check of 
the packet, wherein the algorithm information comprises values to initialize an 
algorithm to be used to perform the validity check of the packet, the validity 
information further comprising public key information of a sending node 
comprising address in a database of a server from which the public key of the 
sending node can be obtained : 

packet header generating means for generating a h e ad e r headers for the packets, the 
packet header generating means generating headers c omprising the validity 
information for packets comprising binding update messages and generating 
headers without the validity information for packets not comprising the 
binding update messages : and 

sending means for sending the paekefc -packets including the corresponding 
headersh eadef to a receiving network node? 



4 



S.N. 10/721,504 
Art Unit: 2431 



wherein th e validity information comprises all n e c e ssary information required for 
performing a validity ch e ck of th e pack e t and no pre e stablish e d security 
as s ociation is n ee d e d to v e rify the packet, and the validity information 
comprises algorithm information to be used to p e rform the validity check of 
th e packet, wh e r e in the algorithm information compris e s valu e s to initialize an 
algorithm to be used to perform the validity ch e ck of the packet, the validity 
information furth e r comprising public key information of a sending nod e 
comprising addr e ss in a databas e of a s e rver from which the public key of the 
s e nding node can be obtain e d . 



19.-41. (Cancelled) 



42. (Currently Amended) An apparatus, comprising: 

a validity information g e n e rato r at least one processor configured to; 

generate validity information for a pack e t p ackets comprising binding update 
messages, wherein the validity information for a packet comprises all 
necessary information required to perform a validity check of the packet and 
no pre-established security association is needed to verify the packet, and the 
validity information comprises algorithm information to be used to perform 
the validity check of the packet wherein the algorithm information comprises 
values to initialize an algorithm to be used to perform the validity check of the 
packet the validity information further comprising public key information of a 
sending node comprising an address in a database of a server from which the 
public key of the sending node can be obtained ; 
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a packet header generator configured to generate a headc r corresponding headers fef 
the pack e t, comprising the validity information for the packets comprising the 
binding update messages. : 

generate corresponding packet headers without the validity information for packets 
not comprising the binding update messages; and 

a transmitter configured to send the paeket -packets including the corresponding h eader 
headers to a receiving network node T 

wh e r e in th e validity information comprises all n e c e ssary information r e quir e d to 
perform a validity ch e ck of th e packet and no pr e establish e d s e curity 
association is n e ed e d to v e rify th e pack e t, and th e validity information 
comprises algorithm information to be us e d to p e rform th e validity ch e ck of 
th e packet, wher e in the algorithm information comprises values to initialize an 
algorithm to b e us e d to perform th e validity ch e ck of th e pack e t, th e validity 
information further comprising public key information of a s e nding node 
comprising an addr es s in a databas e of a s e rv e r from which th e public k e y of 
th e sending node can b e obtain e d . 

43. (Previously Presented) The apparatus according to claim 42, wherein the validity 
information comprises security information indicating security services applied to the packet. 

44. -49. (Cancelled) 
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50. (Previously Presented) The apparatus according to claim 42, wherein the public key 
information comprises public key verification information indicating information in order to 
verify that the public key actually belongs to the sending node. 

5 1 . (Previously Presented) The apparatus according to claim 42, wherein the validity 
information comprises an information item to prevent replay attacks. 

52. (Previously Presented) The apparatus according to claim 51, wherein the information 
item to prevent replay attacks contains an indication of a procedure to be used for anti-replay 
attacks. 

53. (Previously Presented) The apparatus according to claim 5 1 , wherein the information 
item to prevent replay attacks contains a time stamp. 

54. (Currently Amended) The apparatus according to claim 42, further comprisin g wherein 
the at least one processor is further configured to : 

a signor configur e d to sign the packet using a private key corresponding to a public 
key indicated by the validity information in the packet header in the sending 
network node. 

55. (Currently Amended) An apparatus, comprising: 

a receiver configured to receive packets from a sending network node; and 

a ch e ck e r at least one processor configured toi 

perform a-validity checks of a pack e t received packets comprising binding update 

messages and corresponding validity information contained in headers of the 
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received packets bv referring to the validity information contained in a h e ad e r 
of th e pack e t , 

wherein the validity information comprises all necessary information required to 

perform the-a_validity check of-4he - a received p acket and no pre-established 
security association is needed to verify the received packet, and the validity 
information comprises algorithm information to be used to perform the 
validity check of the received p acket, wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the validity 
check of the received packet, the validity information further comprising 
public key information of a sending node comprising an address in a database 
of a server from which the public key of the sending node can be obtained^ 

processing the received packets comprising the binding update messages at least 
according to the validity checks, and 

processing received packets not comprising the binding update messages without 
validity checks . 

56. (Previously Presented) The apparatus according to claim 55, wherein the validity 
information comprises security information indicating security services applied to the packet. 

57. -58. (Cancelled) 

59. (Currently Amended) An apparatus, comprising: 

a receiver configured to receive packets from a sending network node. 

a transmitter configured to forward packets received from-a the sending network node 
to a receiving network nodef-aftd^ 
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q check e r at least one processor configured te-to: 

perform a-validity checks of a pack e t received packets comprising binding update 

messages and corresponding validity information contained in headers of the 
received packets by referring to the validity information contain e d in a h e ad e r 
of the pack e t , 

wherein the validity information comprises all necessary information required to 
perform a validity check of the -a received p acket and no pre-established 
security association is needed to verify the received p acket, and the validity 
information comprises algorithm information to be used to perform the 
validity check of the received p acket, wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the validity 
check of the received p acket, the validity information further comprising 
public key information of a sending node comprising an address in a database 
of a server from which the public key of the sending node can be obtained^ 

causing received packets comprising the binding update messages and meeting the 
validity checks to be forwarded to the receiving network node, and 

causing received packets not comprising the binding update messages and 

corresponding validity information to be forwarded to the receiving network 
node without validity checks . 

60. (Previously Presented) The apparatus according to claim 59, wherein the validity 
information comprises security information indicating security services applied to the packet. 

61. -62. (Cancelled) 
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63. (Currently Amended) A method, comprising: 
receiving packets at a network node; and 

performing a-validity checks of a pack e t received packets comprising binding update 
messages and corresponding validity information contained in headers of the 
received packets by referring to the validity information contain e d in a head e r 
of the packet , 

wherein the validity information comprises all necessary information required for 

performing the-a_validity check of the -a received p acket and no pre-established 
security association is needed to verify the received p acket, the validity 
information comprising algorithm information to be used for performing the 
validity check of the received packet, wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the validity 
check of the received packet the validity information further comprising 
public key information of a sending node comprising an address in a database 
of a server from which the public key of the sending node can be obtained A 

processing the received packets comprising the binding update messages at least 
according to the validity checks, and 

processing received packets not comprising the binding update messages without 
validity checks . 

64. (Currently Amended) A method, comprising: 
receiving packets from a sending network node. 

forwarding received packets to a receiving network node^-aftd 4 

performing a-validity checks of received packets comprising binding update messages 
and corresponding validity information contained in headers of the received 

10 



S.N. 10/721,504 
Art Unit: 2431 



packets a pack e t by referring to the validity information contained in a h e ad e r 
of th e pack e t , 

wherein the validity information comprises all necessary information required for 
performing a validity check of the -a received packet and no pre-established 
security association is needed to verify the received p acket, the validity 
information comprising algorithm information to be used for performing the 
validity check of the received p acket wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the validity 
check of the received packet, the validity information further comprising 
public key information of a sending node comprising an address in a database 
of a server from which the public key of the sending node can be obtained^ 

causing received packets comprising the binding update messages and meeting the 
validity checks to be forwarded to the receiving network node, and 

causing received packets not comprising the binding update messages and 

corresponding validity information to be forwarded to the receiving network 
node without validity checks . 

65. (Cancelled) 

66. (Currently Amended) A non-transitory computer readable storage medium with an 
executable computer program stored thereon, wherein the computer program instructs a 
processor to perform: 

for packets comprising binding update messages: 

generating validity information for a -the p ackets, wherein the validity 

information for a packet comprises all necessary information required 
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to perform a validity check of the packet and no pre-established 
security association is needed to verify the packet, the validity 
information comprising algorithm information to be used to perform 
the validity check of the packet, wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the 
validity check of the packet, the validity information further 
comprising public key information of a sending node comprising an 
address in a database of a server from which the public key of the 
sending node can be obtained; and 

generating a packet header, comprising the validity information; a»d 

for packets not comprising the binding update messages, generating a packet header 
without the validity information; and 

sending the-packets including the corresponding packet headers from a first network 
nod e to a second receiving network node. 

67. (Currently Amended) A non-transitory computer readable storage medium with an 
executable computer program stored thereon, wherein the computer program instructs a 
processor to perform: 

receiving packets at a network node; and 

performing a-validity checks of received packets comprising binding update messages 
and corresponding validity information contained in headers of the received 
packets a packet by referring to the validity information contained in a header 
of th e pack e t , 

wherein the validity information comprises all necessary information required for 

performing the-a_validity check of fee-a received p acket and no pre-established 
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security association is needed to verify the received packet, the validity 
information comprising algorithm information to be used for performing the 
validity check of the received packet, wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the validity 
check of the received packet the validity information further comprising 
public key information of a sending node comprising an address in a database 
of a server from which the public key of the sending node can be obtained* 

processing the received packets comprising the binding update messages at least 
according to the validity checks, and 

processing received packets not comprising the binding update messages without 
validity checks . 

68. (Currently Amended) A non-transitory computer readable storage medium with an 
executable computer program stored thereon, wherein the computer program instructs a 
processor to perform: 

receiving packets from a sending network node, 

forwarding received packets to a receiving network nodef-and* 

performing a-validity checks of received packets comprising binding update messages 
and corresponding validity information contained in headers of the received 
packets a pack e t by referring to the validity information contain e d in a header 
of th e packet , 

wherein the validity information comprises all necessary information required for 
performing a validity check of the -a received packet and no pre-established 
security association is needed to verify the received p acket, the validity 
information comprising algorithm information to be used for performing the 
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validity check of the received p acket wherein the algorithm information 
comprises values to initialize an algorithm to be used to perform the validity 
check of the received packet the validity information further comprising 
public key information of a sending node comprising an address in a database 
of a server from which the public key of the sending node can be obtainedi 

causing received packets comprising the binding update messages and meeting the 
validity checks to be forwarded to the receiving network node, and 

causing received packets not comprising the binding update messages and 

corresponding validity information to be forwarded to the receiving network 
node without validity checks . 



69. (New) The method according to claim 1, wherein generating further comprises 
generating validity information further comprising a pointer comprising an address of a 
database within a server to access a certificate used to verify validity of the packet. 
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